Penetration Testing mailing list archives
Sniffing Encrypted Traffic (w/ keys)
From: Brad DeShong <brad () deshong net>
Date: Wed, 22 Jun 2005 21:42:52 -0500
During a recent assesment we compromised SSL keys for a webserver and wanted to sniff the "encrypted" traffic. In theory this works, but what tools exist to do this in practice? I've seen Covelight's Clearwatch on a Windows system, but we're working with a Linux system on the inside. Is a MITM necessary or can it be done by just looking at the traffic after the fact (at least for the half of the connection we have keys for?).
Thanks, Brad DeShong WestAnnex Security
Current thread:
- Sniffing Encrypted Traffic (w/ keys) Brad DeShong (Jun 22)
- Message not available
- Re: Sniffing Encrypted Traffic (w/ keys) Brad DeShong (Jun 22)
- Message not available
- Re: Sniffing Encrypted Traffic (w/ keys) Ty Bodell (Jun 23)
- Re: Sniffing Encrypted Traffic (w/ keys) Brad DeShong (Jun 22)
- Message not available